Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

A Secure Compiler for ML Modules

  • Conference paper
  • First Online:
Programming Languages and Systems (APLAS 2015)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 9458))

Included in the following conference series:

Abstract

Many functional programming languages compile to low-level languages such as C or assembly. Numerous security properties of those compilers, however, apply only when the compiler compiles whole programs. This paper presents a compilation scheme that securely compiles a standalone module of \({\text {ModuleML}}\), a light-weight version of an ML with modules, into untyped assembly. The compilation scheme is secure in that it reflects the abstractions of a \({\text {ModuleML}}\) module, for every possible piece of assembly code that it interacts with. This is achieved by isolating the compiled module through a low-level memory isolation mechanism and by dynamically type checking its interactions. We evaluate an implementation of the compiler on relevant test scenarios.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    https://github.com/sylvarant/moduleml-witness-algorithm.

  2. 2.

    https://github.com/sylvarant/secure-ml-compiler.

References

  1. Abadi, M.: Protection in programming-language translations. In: Vitek, J., Jensen, C.D. (eds.) Secure Internet Programming. LNCS, vol. 1603, pp. 19–34. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  2. Chlipala, A.: A certified type-preserving compiler from lambda calculus to assembly language. In: PLDI 2007, pp. 54–65. ACM, New York, NY, USA (2007)

    Google Scholar 

  3. Codognet, P., Diaz, D.: WAMCC: Compiling Prolog to C. In: ICLP, pp. 317–331. MIT PRess (1995)

    Google Scholar 

  4. Dreyer, D.: Understanding and evolving the ML module system. PhD thesis, Carnegie Mellon, May 2005

    Google Scholar 

  5. Fournet, C., Swamy, N., Chen, J., Dagand, P.-E., Strub, P.-Y., Livshits, B.: Fully abstract compilation to javascript. In: POPL, pp. 371–38 (2013)

    Google Scholar 

  6. Hur, C.-K., Dreyer, D.: A Kripke logical relation between ML and assembly. In: POPL 2011, pp. 133–146. ACM (2011)

    Google Scholar 

  7. Jagadeesan, R., Pitcher, C., Rathke, J., Riely, J.: Local memory via layout randomization. In: CSF 2011, pp. 161–174. IEEE (2011)

    Google Scholar 

  8. Jeffrey, A., Rathke, J.: A fully abstract may testing semantics for concurrent objects. Theor. Comput. Sci. 338(1–3), 17–63 (2005)

    Article  MathSciNet  MATH  Google Scholar 

  9. Larmuseau, A., Clarke, D.: Formalizing a secure foreign function interface. In: Calinescu, R., Rumpe, B. (eds.) SEFM 2015. LNCS, vol. 9276, pp. 215–230. Springer, Heidelberg (2015)

    Chapter  Google Scholar 

  10. Larmuseau, A., Patrignani, M., Clarke, D.: A secure compiler for ml modules - extended version. Technical Report 2015–028, Uppsala University, September 2015

    Google Scholar 

  11. Leroy, X.: Manifest types, modules, and separate compilation. In: POPL 1994, pp. 109–122. ACM, New York, NY, USA (1994)

    Google Scholar 

  12. Leroy, X.: Formal verification of a realistic compiler. CACM 52(7), 107–115 (2009)

    Article  Google Scholar 

  13. Leroy, X., Doligez, D., Garrigue, J., Rémy, D., Vôuillon, J.: The Objective Caml system, release 4.02. Technical report, INRIA, August 2014

    Google Scholar 

  14. Matthews, J., Ahmed, A.: Parametric polymorphism through run-time sealing or, theorems for low, low prices!. In: Drossopoulou, S. (ed.) ESOP 2008. LNCS, vol. 4960, pp. 16–31. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  15. McKeen, F., Alexandrovich, I., Berenzon, A., Rozas, C.V., Shafi, H., Shanbhogue, V., Savagaonkar, U.R.: Innovative instructions and software model for isolated execution. In: HASP 2013, ACM (2013)

    Google Scholar 

  16. Patrignani, M., Agten, P., Strackx, R., Jacobs, B., Clarke, D., Piessens, F.: Secure compilation to protected module architectures. TOPLAS 37(2), 6:1–6:50 (2015)

    Article  Google Scholar 

  17. Patrignani, M., Clarke, D.: Fully abstract trace semantics of low-level isolation mechanisms. In: SAC 2014, pp. 1562–1569. ACM (2014)

    Google Scholar 

  18. Queinnec, C.: Lisp in Small Pieces. Cambridge University Press, Cambridge (2003)

    Google Scholar 

  19. Strackx, R., Piessens, F.: Fides: selectively hardening software application components against kernel-level or process-level malware. In: CCS, pp. 2–13 (2012)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Uppsala University, Uppsala, Sweden

    Adriaan Larmuseau & Dave Clarke

  2. IMinds-Distrinet, K.U. Leuven, Leuven, Belgium

    Marco Patrignani & Dave Clarke

Authors
  1. Adriaan Larmuseau
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marco Patrignani
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dave Clarke
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Adriaan Larmuseau .

Editor information

Editors and Affiliations

  1. Univ. of Science and Technology of China, Hefei, Anhui, China

    Xinyu Feng

  2. Pohang Univ. of Science and Technology, Nam-Gu, Pohang, Korea (Republic of)

    Sungwoo Park

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Larmuseau, A., Patrignani, M., Clarke, D. (2015). A Secure Compiler for ML Modules. In: Feng, X., Park, S. (eds) Programming Languages and Systems. APLAS 2015. Lecture Notes in Computer Science(), vol 9458. Springer, Cham. https://doi.org/10.1007/978-3-319-26529-2_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-26529-2_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-26528-5

  • Online ISBN: 978-3-319-26529-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation